CWE-11
ASP.NET Misconfiguration: Creating Debug Binary
Description
Debugging messages help attackers learn about the system and plan a form of attack.
ASP .NET applications can be configured to produce debug binaries. These binaries give detailed debugging messages and should not be used in production environments. Debug binaries are meant to be used in a development or testing environment and can pose a security risk if they are deployed to production.
Parent Weaknesses (ChildOf)
Common Consequences
Scope
Impact
Read Application Data
Potential Mitigations
Avoid releasing debug binaries into the production environment. Change the debug mode to false when the application is deployed into production.
Applicable Platforms
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now